steveni
Posts: 33
|
| Posted: 02/15/2005, 3:13 AM |
|
Hi All,
I have discovered that you can view the html page when the asp page is secured i.e. Menu.asp might be secured and require login but Menu.html (template) is not.
The info that is displayed may be marginal but any plain text may be insecure.
Has anyone a way to check (javascript?) that the Menu.html page is not loaded in the browser i.e. Menu.asp is loaded?
Try it yourself. Go to a page that you have secured on one of your web sites. Instead of typing the page name.asp, type page name.html in the browser.
Cheers!
|
 |
 |
steveni
Posts: 33
|
| Posted: 02/15/2005, 3:56 AM |
|
I found the answer:
Include this Javascript at the top of the template page.
<SCRIPT LANGUAGE="JavaScript">
if (parent.location.href == 'http://Web Site URL/Menu.html') {
// change the url below to the url of the
// asp page...
window.location.href = 'Menu.asp';
}
</script>
|
|
|
|
|
